TY - GEN
T1 - Tracking end-users in web databases
AU - Rozenberg, Boris
AU - Gonen, Yaron
AU - Gudes, Ehud
AU - Gal-Oz, Nurit
AU - Shmueli, Erez
PY - 2011/11/17
Y1 - 2011/11/17
N2 - When a database is accessed via a web application, users usually receive a pooled connection to the database. From a database point of view, such a connection is always established by the same user (i.e. the web application) and specific data on the end user is not available. As a consequence, user-specific transactions cannot be audited and fine-grained access control cannot be enforced at the database level. In this paper we propose a method and a system which provide the ability to track the end users in web databases. The new method can be applied to legacy web applications without requiring any changes in their existing infrastructure. Furthermore, the new user-tracking ability provides a basis for native database protection mechanisms and intrusion detection systems.
AB - When a database is accessed via a web application, users usually receive a pooled connection to the database. From a database point of view, such a connection is always established by the same user (i.e. the web application) and specific data on the end user is not available. As a consequence, user-specific transactions cannot be audited and fine-grained access control cannot be enforced at the database level. In this paper we propose a method and a system which provide the ability to track the end users in web databases. The new method can be applied to legacy web applications without requiring any changes in their existing infrastructure. Furthermore, the new user-tracking ability provides a basis for native database protection mechanisms and intrusion detection systems.
KW - DB users tracking
KW - auditing
KW - web users tracking
UR - http://www.scopus.com/inward/record.url?scp=81055155526&partnerID=8YFLogxK
U2 - 10.1109/ICNSS.2011.6059966
DO - 10.1109/ICNSS.2011.6059966
M3 - Conference contribution
AN - SCOPUS:81055155526
SN - 9781457704598
T3 - Proceedings - 2011 5th International Conference on Network and System Security, NSS 2011
SP - 105
EP - 112
BT - Proceedings - 2011 5th International Conference on Network and System Security, NSS 2011
T2 - 2011 5th International Conference on Network and System Security, NSS 2011
Y2 - 6 September 2011 through 8 September 2011
ER -